uTest is a bad choice, even to refer. They send extreme amounts of e-mail and the projects are based on "who found the bug first" in an unrealistic way even when you most likely found the bug first, but as someone found a bug that may look similar to yours, the uTest staff may say it's the same, meaning you don't get paid. Plus their way of reporting is unreasonable and strange, unless they changed it.

I was signed up for a long time, and never received a security test, except some mobile app project which I wasn't interested in I think. The problem is, you have to do all sorts of crappy projects before you can get any normal projects.

With HatForce, that has a project every now and then, at least you get the jobs that are listed on the site. (Plus it's generally, a lot better and more relaxed there. I only wish they had a lot more projects. But using crowd-sourced penetration testers, is not easy when it comes to getting companies signing a contract.)

Last edited by MaXe on Sat Sep 22, 2012 2:14 am, edited 1 time in total.